Firmware exploitation with PNF Software’s JEB

PNF Software has a series of blog posts on how to use their JEB product to reverse firmware:

Firmware Exploitation with JEB:

In this series of blog posts I will show how JEB’s MIPS decompiler can help you find and exploit software vulnerabilities in embedded devices. To do so, we will use Praetorian’s Damn Vulnerable Router Firmware (DVRF) written by b1ack0wl. DVRF is a custom firmware made to run on a Linksys E1550 router containing a bunch of memory corruption vulnerabilities. The goal of the DVRF is to serve as a playground to learn exploitation on the MIPS architecture. As far as I know, there are no write-ups of the challenges on the Internet. For the readers interested in testing the challenges by themselves, I suggest following the DVRF tutorial and getting a complete MIPSEL Debian QEMU image, as it allows the usual exploit development workflow on Linux, without any limits on the available tools.[…]

https://www.pnfsoftware.com/blog/firmware-exploitation-with-jeb-part-1/
https://www.pnfsoftware.com/blog/firmware-exploitation-with-jeb-part-2/
https://www.pnfsoftware.com/blog/firmware-exploitation-with-jeb-part-3-reversing-the-smartrgs-sr505n/

https://www.pnfsoftware.com/jeb2/mips
